On 6/20/2009 5:00 PM, Nairda wrote: > Hi everyone. > Can someone with a bit more understanding of these things please read > this article and say weather this applies to SM as well? > > http://blogs.techrepublic.com.com/security/?p=1716&tag=nl.e011 > > Snip: > In a surprise move this year, Microsoft has decided to quietly install > what amounts to a massive security vulnerability in Firefox without > informing the user. Find out what Microsoft has to say about it, and how > you can undo the damage. Microsoft pushed out its .NET Framework 3.5 > Service Pack 1 update this February.... > End Snip. > > It looks rather nasty, and I wish I had read it sooner. > Cheers.
The malware is a Firefox extension that (among other things) disables the ability of Firefox to remove it. This apparently affects only Firefox 3.x because of the way extensions are installed. SeaMonkey 1.1.x is related to Firefox 2.x and is not affected because of a different scheme for installing extensions. I don't know if SeaMonkey 2.x will be affected, but it does use the same extension installation scheme as Firefox 3.x. In any case, I've avoided this problem. My Automatic Updates is set for "Notify me but don't automatically download or install them." Since I use Internet Explorer only to get Windows updates and to check my own Web pages, I have rejected all .NET Framework (and ActiveX) updates. Suddenly, I'm very glad I did not update my Windows XP SP2 to Windows XP SP3. The latter would have included this malware. See bug #499521 at <https://bugzilla.mozilla.org/show_bug.cgi?id=499521>. -- David E. Ross <http://www.rossde.com/> Go to Mozdev at <http://www.mozdev.org/> for quick access to extensions for Firefox, Thunderbird, SeaMonkey, and other Mozilla-related applications. You can access Mozdev much more quickly than you can Mozilla Add-Ons. _______________________________________________ support-seamonkey mailing list firstname.lastname@example.org https://lists.mozilla.org/listinfo/support-seamonkey